In its recently released half year report, Danish security firm Secunia found that Apple surpassed Oracle this year as the software developer with the most vulnerabilities.

Apple and Oracle were followed by Microsoft, who has held the number 3 spot in Secunia’s list since 2006. Others in the top ten list of software vendors with most vulnerabilities were HP, Adobe Systems, IBM, VMware, Cisco, Google and the Mozilla foundation.

Now, to be clear, the number of vulnerabilities does not necessarily reflect on the overall security of one company or another. The report notes:

To assess the “performance” of vendors in terms of vulnerabilities one should rather look at the changes in the type of vulnerabilities, code quality, handling of vulnerability reports, ability to update users, quality of patches, ability to communicate to end users, number of products, complexity of product portfolio, and other factors which cannot be read out of mere aggregate numbers.

The number of vulnerabilities found is also relative to the number of people looking for them, Secunia pointed out.

Renowned Apple hacker Charlie Miller said Apple’s security problems have grown along with the brand’s popularity, but the company has done fairly okay in patching the holes in its products.

“Ironically, even though Apple has many more vulnerabilities than other vendors, you still don’t see many actual attacks in the wild,” Miller said. “This is a function of their relatively low market share compared to, say, computers running Microsoft Windows. At this point, it makes more economic sense for attackers to focus on the 90% of computers their encounter, namely, those running Windows.”

Secunia, which has looked at 29,000 software products from 4,000 software vendors since 2005, also found that despite software developers’ hefty investments to improve the security of their products, vulnerabilities are still as abundant as they were five years ago.

However, the company noted the number of vulnerabilities affecting average PC users doubled between 2007 and 2009, and expects it to almost double again this year.